Solved

IPSec Issue with Windows Server 2003

Posted on 2010-09-23
9
858 Views
Last Modified: 2012-05-10
HI,
I am getting the issue with IPsec, I configured the IPsec and It was working fine before reboot as I reboot the server it stooped working. It is very surprising to me that Services are running and policy is assigned, still it is not working. If I reconfigure the rule it starts working.

Can any one give me idea why it don't work after restarting the server.
0
Comment
Question by:tanujchandna
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33751252
Did you configure your IPSec policies or used one of defined? If you created your own, check if there is the same settings for each policy you applied in

Policy properties -> General tab -> Setting button -> Authenticate and generate a new key after every: (check this value if it is not so low and is the same for each policy you have enabled)
0
 
LVL 9

Author Comment

by:tanujchandna
ID: 33751306
Hi iSiek Thanks for Reply,
I am attaching my setting of Setting button, Can you please guide me what should I do.

polocy.JPG
0
 
LVL 9

Author Comment

by:tanujchandna
ID: 33751314
HI, In Event Viewer getting following Error.
Event Type:      Failure Audit
Event Source:      Security
Event Category:      Policy Change
Event ID:      615
Date:            9/24/2010
Time:            6:17:14 AM
User:            NT AUTHORITY\NETWORK SERVICE
Computer:      TEMS
Description:
IPSec Services:       PAStore Engine failed to add quick mode filter "Block Inbound TCP 1029 Rule" with error code: The specified transport mode filter already exists.
.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33751331
No problem, you're welcome.
OK, it looks correctly. This is a default value. Do you have any entries in Event viewer?
How did you assign IPSec policies? Manually or via GPO ?
What does this policy do (answers for IPSec queries, request IPsec or require IPSec)?
0
 
LVL 9

Author Comment

by:tanujchandna
ID: 33751352
I have assigned this policy through IPseccmd command, It blocks TCP 1029 inbound Port.
IPSeccmd.exe -w REG -p "Block TCP 1029 Filter" -r "Block Inbound TCP 1029 Rule" -f *=0:1029:TCP -n BLOCK -x

Error in Event Log :
Event Type:      Failure Audit
Event Source:      Security
Event Category:      Policy Change
Event ID:      615
Date:            9/24/2010
Time:            6:17:14 AM
User:            NT AUTHORITY\NETWORK SERVICE
Computer:      TEMS
Description:
IPSec Services:       PAStore Engine failed to add quick mode filter "Block Inbound TCP 1029 Rule" with error code: The specified transport mode filter already exists.
.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33751374
Strange, I found something about this error in the Internet but I don't know if it's trusted solution. I've never found similar problem, sorry.

http://www.errordecoder.com/system-error-codes/11/code-13008.html

Maybe it is really connected to some system error like virus/spyware, drivers or registry. Could you check it, please? But be careful with those freeware tools.
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 33751557
It looks like a problem with IPSeccmd command. It multiplies filters. Can you check it in policy properties, please?
OPen policy and on filter list and action list tabs check if you have more than 1 "Block Inbound TCP 1029 Rule filter list". Clean it up :)
Probably registry has to much rules about the same port block :]
0
 
LVL 9

Author Comment

by:tanujchandna
ID: 33751852
Thanks a Alot !!!!
Resolved the Issue.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33751899
you're welcome :)
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question